Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Cross Origin Filter with embedded Jetty

Tags:

jetty

I'm trying to get a CrossOriginFilter working with a couple of embedded Jetty servers, both running on our internal network. Both are running servlets, but I need server A's web page to be able to post to server B's servlets. I think I need to add ACCESS_CONTROL_ALLOW_ORIGIN to a CrossOriginFilter but finding out how to do this with an embedded Jetty instance with no web.xml isn't proving to be easy. I get the following error message in the browser when trying to access server b's serlvets

No 'Access-Control-Allow-Origin' header is present on the requested resource

Im using angularjs to post to the other server's servlets in a controller.

And here is the code for one of the servers (both are pretty much the same)

Server server = new Server(httpPort);

ResourceHandler resource_handler = new ResourceHandler();
resource_handler.setDirectoriesListed(true);
resource_handler.setWelcomeFiles(new String[] { "index.html" });
resource_handler.setResourceBase("./http/");

ServletHandler handler = new ServletHandler();
handler.addServletWithMapping(ServerPageRoot.class, "/servlet/*");

FilterHolder holder = new FilterHolder(CrossOriginFilter.class);
holder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*");
holder.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "*");
holder.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,HEAD");
holder.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "X-Requested-With,Content-Type,Accept,Origin");

handler.addFilter(holder );

HandlerList handlers = new HandlerList();
handlers.setHandlers(new Handler[] { resource_handler, handler,new DefaultHandler() });
server.setHandler(handlers);
server.start();
like image 868
Mark Trueman Avatar asked Dec 05 '22 23:12

Mark Trueman

2 Answers

A few points:

  • Don't use ServletHandler naked like that. The ServletHandler is an internal class that ServletContextHandler uses.
  • The ServletContextHandler is what provides the needed ServletContext object and state for the various servlets and filters you are using.
  • The ServletContextHandler also provides a place for the overall Context Path declaration
  • The ServletContextHandler is also the place for Welcome Files declaration.
  • Don't use ResourceHandler, when you have DefaultServlet available, its far more capable and feature rich.

Example:

Server server = new Server(httpPort);

// Setup the context for servlets
ServletContextHandler context = new ServletContextHandler();
// Set the context for all filters and servlets
// Required for the internal servlet & filter ServletContext to be sane
context.setContextPath("/");
// The servlet context is what holds the welcome list 
// (not the ResourceHandler or DefaultServlet)
context.setWelcomeFiles(new String[] { "index.html" });

// Add a servlet
context.addServlet(ServerPageRoot.class,"/servlet/*");

// Add the filter, and then use the provided FilterHolder to configure it
FilterHolder cors = context.addFilter(CrossOriginFilter.class,"/*",EnumSet.of(DispatcherType.REQUEST));
cors.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*");
cors.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "*");
cors.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,HEAD");
cors.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "X-Requested-With,Content-Type,Accept,Origin");

// Use a DefaultServlet to serve static files.
// Alternate Holder technique, prepare then add.
// DefaultServlet should be named 'default'
ServletHolder def = new ServletHolder("default", DefaultServlet.class);
def.setInitParameter("resourceBase","./http/");
def.setInitParameter("dirAllowed","false");
context.addServlet(def,"/");

// Create the server level handler list.
HandlerList handlers = new HandlerList();
// Make sure DefaultHandler is last (for error handling reasons)
handlers.setHandlers(new Handler[] { context, new DefaultHandler() });

server.setHandler(handlers);
server.start();
like image 155
Joakim Erdfelt Avatar answered Dec 31 '22 15:12

Joakim Erdfelt

managed to get it working by doing

FilterHolder holder = new FilterHolder(CrossOriginFilter.class);
holder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*");
holder.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "*");
holder.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,HEAD");
holder.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "X-Requested-With,Content-Type,Accept,Origin");
holder.setName("cross-origin");
FilterMapping fm = new FilterMapping();
fm.setFilterName("cross-origin");
fm.setPathSpec("*");
handler.addFilter(holder, fm );
like image 44
Mark Trueman Avatar answered Dec 31 '22 14:12

Mark Trueman
Sign in to Comment

Related questions

How to use Guice Servlet with Wicket
jersey-server-1.12 with jetty-maven-plugin not working together
How to install or config activemq admin cosole(jetty) use apt-get command?
Passing parameters to resource using embedded Jetty
Debugging jetty on a failed start
Where is jetty /context/text.xml?
Gradle: Run multiple webapps with Jetty
Jetty: How to use SSL in Jetty client side
Are sources of Jetty public?
Different servlet-api versions collision
Maven Jetty Plugin OutOfMemoryError When Sharing Instance Between Two Web Apps
How to config local Jetty ssl to avoid weak phermeral DH key error?
JSP support in Jetty 9.3
My Jetty server will dead after a long time, why?
Jar/Class problems with Jetty WebSockets
Jetty WebSocketClientSelectorManager - Connection Failed java.io.IOException: Cannot init SSL
javax.servlet.http.HttpServletResponse.getStatus() not found
Java servlets and database connection pooling

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!